VirtServer Settings File
VirtServer stores its settings in the virt-server.yml
settings file.
Location
The location where VirtServer searches for the settings file depends on the operating system and on the permissions VirtServer or its installer has:
Windows
<user folder>/.readyapi/virt-server/virt-server.yml
Linux and macOS
If you installed or if you run VirtServer with root access (
sudo <path>/virtserver.sh
):/etc/virt-server.yml
Without root access:
<user folder>/.readyapi/virt-server/virt-server.yml
VirtServer 2.0.1 and earlier
<VirtServer>/bin/virt-server.yml
Note
VirtServer loads the settings file from the locations mentioned above by default. You can create your own settings file and specify it in the VirtServer command line. This will not work if you run VirtServer as a service (daemon), though.
Settings
Important
Some settings in this .yml file are for internal use by VirtServer. We recommend that you be careful when changing the file. If something goes wrong after you changed the settings, undo your changes, or re-install VirtServer.
Database Settings
virt-server.yml | Comments |
---|---|
# H2 Database configurations database: # the name of your JDBC driver...... | VirtServer stores virtual service data in a database. It uses the settings to work with this database. NoteDo not change these settings. They are for internal use by VirtServer. |
Logging Settings
virt-server.yml | Comments |
---|---|
# Logging settings. logging: # The default level of all loggers. Can be OFF, ERROR, WARN, INFO, DEBUG, TRACE, or ALL. level: INFO loggers: "com.smartbear": INFO "com.hubspot.dropwizard.guice.AutoConfig": WARN appenders: - type: console timeZone: Europe/Stockholm | Various logging settings: default logging level, individual logger classes and their logging level, and so on. NoteChange these settings only by requests from the SmartBear Support Team |
# Logging settings for virts. virtLogging: | Logging settings for individual virtual APIs. |
# Enables har logging for virts. Logs are saved in user_home/.readyapi/logs/virts dir | Logs are saved as individual files in the specified folder. |
enableHarLog: false | Enable logging. NoteIf you have ever changed the setting via the web interface, its value will be stored in the virt-server-override.yml file. |
usePrettyPrint: false | Use pretty print for log files. |
Time Zone Settings
virt-server.yml | Comments |
---|---|
# TimeZone server: requestLog: timeZone: Europe/Stockholm | Specifies the time zone for the log. |
Connection Settings
virt-server.yml | Comments |
---|---|
applicationConnectors: # For security reason we only allow communication over https | VirtServer connection settings. |
type: https | The protocol (https only). |
port: 9090 | The port number. NoteIf you change the port, ReadyAPI Virtualization will not be able to find your VirtServer automatically. You will have to specify connection settings manually. |
keyStorePath: .virtserverkeystore Example: apprwisb01.corp.bayadv.jks | The file name of the Java keystore that contains the VirtServer certificate. NoteThis keystore is used only to secure traffic to and from the VirtServer web interface. To specify a keystore for virtual services, use the virtSSL settings described below. |
keyStorePassword: '!serverSecret! 'Example: 'Veda2014!Pass' | The password for accessing the keystore. |
keyManagerPassword Example: 'sQRXPTF7CKBw' | If both |
validateCerts: false | |
excludedCipherSuits - TLS_AES_128_GCM_SHA256 | List of cipher suits which won't be used for client-server communication process. |
supportedCipherSuits - TLS_AES_256_GCM_SHA384 | List of cipher suits which will be used for client-server communication process. NoteAll other cipher suits will be excluded and won't be used to establish connection. Older clients not supporting these cipher suits won't be able to connect to the server. |
adminConnectors: type: https port: 9091 keyStorePath: .virtserverkeystorekeyStorePassword: '!serverSecret!' validateCerts: false excludedCipherSuits - TLS_AES_128_GCM_SHA256 supportedCipherSuits - TLS_AES_256_GCM_SHA384 | For internal use by VirtServer. Do not change these settings. NoteIn case both the properties #supportedCipherSuits and #excludedCipherSuits are used together, supportedCipherSuites is given priority and will be considered first. You can review further information in this documentation for dropwizard configuration: 2.0.x: Dropwizard Configuration Reference 4.0.x: Dropwizard Configuration Reference This configuration option is available in both dropwizard versions. |
VirtServer Configuration
virt-server.yml | Comments |
---|---|
# VirtServer configuration virtServer: | VirtServer properties and HTTPS settings. |
# The context path. contextPath: /api/${API_VERSION} | We need this instead of applicationContextPath so we can process variables (such as version) in the String NotecontextPath is used internally. Do not change. |
# Maximum number of activity log to keep maxActivityLog: 20 | The maximum number of records in the activity log. This log stores information on deploying and downloading virtual services, starting and stopping them, and so on. |
# Maximum number of transaction logs to keep. Storing many transaction logs may consume a lot of memory. Keep this as low as possible.maxTransactionLog: 20 | The maximum number of records in the transaction log for a virtual API. This log stores information on individual requests. Storing too many records may consume lots of memory. Set reasonable values. NoteIf you have ever changed the setting via the web interface, its value will be stored in the virt-server-override.yml file. |
# Strip quotes from boolean and number values in JSON payloads. stripQuotesFromBooleansAndNumbers: true | If set to Quotes in those values can get introduced due to the response template having quotes around property expansion. |
SSL Settings
virt-server.yml | Comments |
---|---|
# SSL configuration for virts # virtSSL: | SSL certificate settings for virtual services. Uncomment, if needed. |
# virtKeystorePath: /path/.keystore | The keystore file name. |
# virtKeystorePassword: keystoreSecret | The keystore password. |
# virtKeyPassword: keySecret | A security key password. |
# virtTrustStorePath: /path/.keystore | The CA certificate file that is used to establish trust. |
# virtTrustStorePassword: trustStoreSecret | The password of the trust certificate. |
Security Settings
virt-server.yml | Comments |
---|---|
# Security settings # securityConfig: | Security settings of VirtServer. Uncomment, if needed. NoteIn case these settings are absent, add them manually. |
# sessionTimeLimitEnabled: false | Enable a timeout for user sessions in the VirtServer web interface, connections from ReadyAPI Virtualization, and the command line sessions. The next two parameters specify the time after which a user will be logged out. NoteIf you have ever changed the timeout settings via the web interface, their values will be stored in the virt-server-override.yml file. |
# idleTimeout: 60 | Time (in minutes) after which an idle user will be logged out of the VirtServer web interface. |
# sessionTimeoutLimit: 480 | Time (in minutes) after which a user will be logged out of the VirtServer web interface regardless of their activity. |
# passwordComplexityMode: false | Enable the password complexity mode.If this option is enabled, the password must be at least 6 characters long and must contain at least one number and at least one capital letter. NoteWhen you log in after the setting has been turned on, your password might fail to satisfy complexity criteria. In this case, you will have to change the password either by logging in to the web interface or by using the command line. |
# lockoutTimeout: 0 | Specifies in minutes how long a user will be locked out when the user enters a wrong password for five times. To disable the option, set it to |
# oldVersionsCompatibility: true | Set the option to false to prohibit connections to VirtServer by using ServiceV 2.8 or older. Default value: true. |
LDAP Settings
virt-server.yml | Comments |
---|---|
# LDAP settings # ldapConfiguration: | Settings of connection between VirtServer and LDAP. To learn more about LDAP, see this topic. |
# ldapProviderUrl: 'ldap://<your host>:389' | Specifies the address of the LDAP server. NoteIf you have ever changed the setting via the web interface, its value will be stored in the virt-server-override.yml file. file. |
OIDC Settings
virt-server.yml | Comments |
---|---|
# OIDC settings # oidcConfiguration: | Settings of connection between VirtServer and OIDC. To learn more about OIDC, see this topic. |
Client id. oidcClientId: '0oad4h2tg5mnJIJ2C5d7' | This should be provided by your OIDC admin from the Virtsever app config. |
# Provider url. | This should be provided by your OIDC admin based on your okta org. |
# oidcProviderUrl: 'https://<your okta org url>/oauth2/default'oidcProviderUrl: 'https://dev-06865876.okta.com/oauth2/default' | |
# Token revocation url. | This should be the same as in your OIDC provider. |
# oidcTokenRevocationUrl: 'https://<your okta org url>/oauth2/default/v1/revoke'oidcTokenRevocationUrl: 'https://dev-06865876.okta.com/oauth2/default/v1/revoke' | To be provided by the OIDC admin based on the Audience URI / Entity ID configured for the authorization server. |
# Group name field oidcGroupNameField: 'groups_access' # Admin group filter(comma separated) oidcAdminGroupFilter: [VirtServer Admin,admin1,admin2] # Optional admin group filter (comma separated) # oidcAdminGroupFilter: [admin1,admin2] # User group filter(comma separated) oidcUserGroupFilter: [VirtServer User,user1,user2] |
|
Proxy Settings
virt-server.yml | Comments |
---|---|
proxyConfiguration: # Proxy mode: Auto, Manual, or None (None or empty means proxy is disabled )mode: Auto | Manual | None # Settings for Manual proxy mode type: HTTP | SOCKS host: <proxy-host> port: <proxy-port> excludes: <comma-separated values> # Domains to exclude from proxy # Credentials (for both Auto and Manual modes if required) username: <proxy-username> password: <proxy-password> | This configures proxy settings in VirtServer, allowing VirtServer to run on a different proxy than ReadyAPI. |
Override settings
If you have ever changed VirtServer settings via the web interface, there will be an additional settings file, virt-server-override.yml
, and the settings will be stored there. They will override the settings configured in virt-server.yml
.
To change those settings via settings files, you should:
Change them in
virt-server-override.yml
.
– or –
Delete them from
virt-server-override.yml
and change them invirt-server.yml
.
Add a parameter for parsing legacy JDBC connection strings
As of Java 17.0.3 and from adopting 17.0.4 in ReadyAPI 3.41.0, the '_' characters are no longer allowed in JDBC connection strings.
If your existing tests have the '_' in their JDBC connection string, please add and use this JVM option:
-Dcom.sun.jndi.ldapURLParsing="legacy".
SNI and DropWizard
We have upgraded the DropWizard library with our latest release VirtServer 3.20.0, which also includes a Jetty upgrade.
However, Jetty 10.0.x introduces stricter SNI host checking hence, after the update you may encounter issues while making requests over HTTPS. Find more details regarding this issue here.
To solve this issue, the HttpsConnectorFactory
has a disableSniHostCheck
configuration option which enables or disables stricter security for an application. By default in VirtServer, this is set to true, and the SNI host check is disabled or turned off.
If you wish to change this setting, please follow these instructions:
Create a signed keystore with the certs you wish VirtServer to be accessible through. An example can be found here: SSL with CA signed certificate from Let's Encrypt with a domain registered at GoDaddy.
Change connector (fields “applicationConnector” or “adminConnector”) for connecting to Virtserver. Add the field 'disableSniHostCheck' to the connector, and set it to 'false'. Change 'keyStorePath' to point to your keystore. Change 'keyStorePassword' to the password needed to unlock the Keystore.
Restart VirtServer.